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DETAILED ACTION 

1 . This Office Action is in response to the Applicant's amendment filed on 
December 15, 2009. 

2. Claims 1,11 and 22-23 have been amended. 

3. Claims 1-29 are pending. 

EXAMINER'S AMENDMENT 

4. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Anthony Jones (Reg. No. 59,521 ) on 01/04/09. 
The application has been amended as follows: 
In the claims: 

Please amend claim 1 1 and 22 as follows: 
Claim 11 : 

A computer readable storage medium for storing instructions that, when 
executed by a computer, cause the computer to perform a method of preventing an 
endnode in a communication fabric from receiving an unauthorized communication, 
comprising: 
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establishing a first category of management communications to include: 

a request from a manager node to an endnode; and 

a reply from the manager node to a request from an endnode; 

establishing a second category of management communications to 
include: 

a reply from an endnode to a request from the manager node; and 

a request from an endnode to the manager node; and 

at a switching device coupled to a first endnode: 

receiving from the communication fabric a management communication 
addressed to the first endnode; 

determining whether the first endnode is a trusted endnode; 

determining whether the management communication is a first 
category management communication; and 

responsive to the first endnode not being a trusted endnode and the 
management communication not being a first category management 
communication, discarding the management communication. 

Claim 22 
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A computer readable storage medium for storing instructions that, when 
executed by a computer, cause the computer to perform a method of preventing an 
endnode in a communication fabric from sending an unauthorized communication, 
comprising: 

establishing a first category of management communications to include: 

a request from a manager node to an endnode; and 

a reply from the manager node to a request from an endnode; 

establishing a second category of management communications to 
include: 

a reply from an endnode to a request from the manager node; and 
a request from an endnode to the manager node; and 
at a switching device coupled to a first endnode: 

receiving from a first endnode a management communication addressed to 
a second endnode in the communication fabric; 

determining whether the first endnode is a trusted endnode; 

determining whether the management communication is a second 
category management communication based; and 
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responsive to the first endnode not being a trusted endnode, 
discarding the management communication if the management 
communication is not a second category management communication. 

Claim 29 : 

Claim 29 has been canceled. 



Allowable Subject Matter 

5. Claims 1-28 are allowed. 

The following is an examiner's statement of reasons for allowance: The prior art 
on record: 

Gai et al. (US 2004/0160903) teaches a method for implementing security groups 
in an enterprise network wherein the received packet is classified as having a security 
group designation selected from a plurality of security group designations. The security 
group designation associating a set of destinations and a set of sources authorized to 
access the set of destinations. Applying a security group tag (SGT) to the packet which 
identifies the security group designation, the security tag being applied in a field not 
reserved for virtual local area network information. A group of client devices may 
communicate with the servers, but the client devices may not communicate with each 
other. This result can be achieved by using one SGT to tag packets originated by the 
servers and one SGT to tag packets originated by the client devices. SGTs are used for 
egress filtering and the number outside oval are SGTs used for ingress tagging. 
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Pinto (US 2002/0133622) teaches a method of discovering and mapping 
elements in a subnet of data network fabric. The subnet manager first formats the 
packet by setting the management class field to data which indicates a subnet 
management class direct route using node identifiers with broadcast. In order for the 
nodes on the subnet to be aware of the mechanism that is being used the management 
class field must be set to a value indicating a subnet management class using directed 
route with node identifiers. Thus, the subnet manger formats the packet by inserting this 
management class and by initializing the port path block and identifier path block to 
zeros. 

Chou (US 6,920,106) teaches management packets are used to implement 
management functions and may include SMPs, Performance Management Packets, 
and Baseboard Management Packets. A virtual lane (VL) is reserved exclusively for 
sub-network management packets (SMPs). 

With respect to claim 1: 

The prior art on record either taken singularly or in combination fails to teach 
"establishing a first category of management communications to include: a 
request from a manager node to an endnode; and a reply from the manager node 
to a request from an endnode; establishing a second category of management 
communications to include a reply from an endnode to a request from the 
manager node; a request from an endnode to the manger node; and determining 
whether the management communication is a first category management 
communication; and responsive to the first endnode not being a trusted endnode 
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and the management communication not being a first category management 
communication, discarding the management communication" including all the other 
limitations recited in claim 1. 

Independent claims 11-12, 22 and 23 includes similar limitations are also allowed 
for the same reason set forth above. 

Dependent claims 2-10, 13-21 and 24-28 are also allowed. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SHEWAYE GELAGAY whose telephone number is 
(571)272-4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Shewaye Gelagay/ 
Examiner, Art Unit 2437 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



